Ethical Hacking, Penetration Testing & Computer Security

Archive | December, 2007

At last a new major release of Nmap! If for some odd reason you don’t already know what Nmap is, it is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring […]

Seen as though we’ve been having a good bash on Microsoft recently, here’s some more relevant news. The December update from Microsoft has delivered patches for 11 series flaws spanning both IE6 & IE7 and all their currently supported operating systems (Windows 2000, Windows XP and Windows Vista). So if you are running Windows, make […]

KisMAC is an opensource and free stumbler/scanner application for Mac OS X. It has an advantage over MacStumbler/iStumbler/NetStumbler in that it uses monitor mode and passive scanning. KisMAC supports several third party PCMCIA cards – Orinoco, PrismII, Cisco Aironet, Atheros and PrismGT. USB Prism2 is supported as well, and USB Ralink support is in development. […]

It looks like there is a fairly serious vulnerability in some of the popular media player packages out in the wild packaged as a MP4 file (due to the MP4 codec from 3ivx), it effects Windows Media Player 6.4 and Windows Media Player Classic, which are made by Microsoft, and AOL’s Winamp version 3.5. All […]

Scanrand is extremely quick and effective port scanner. It works by forking two distinct processes: One to send the initial queries One to receive responses and reconcile them from the above This makes it extremely fast. If you haven’t heard of the suite, Scanrand is one of the five tools in Paketto Keiretsu by Dan […]

It’s that time of the year, our annual christmas present – the Sans Top 20 Vulnerabilities for 2007. The SANS Top 2007 list is not “cumulative.” We include only critical vulnerabilities from the past year or so. If you have not patched your systems for long time, it would be wise to patch the vulnerabilities […]

Competition time again! As you know we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of June and July. We have just finished the sixth month of the competition in November and are now in the seventh, starting a few days ago on December 1st – […]

The MSF eXploit Builder (MSF-XB) is a free win32 application (GUI) that wants to be an Exploit Development Platform. The main goal is to speed up the exploit development process, this is accomplished by using the powerful functionalities and neat design of The Metasploit Framework. MSF-XB automatically generates MSF compliants exploits modules. The MSF-XB package […]

It seems like malware numbers are going up, rather than down as I would expect. But then if you think about it as a numbers game, the more people that come online – the more in absolute terms that are going to have nefarious intent. This means more hackers, more script kiddies and more malware. […]

The newest version of Technitium MAC Address Changer was released a while back, v4.7. There are some minor changes and it’s looking to be pretty polished for a free tool. Of course some might say “It’s just a registry entry? What’s the big deal?” Well this just makes it easier, especially when you are doing […]